From df8a2e67825ec744261967ef48bdca2d458cf6dc Mon Sep 17 00:00:00 2001 From: Mahesh Jethanandani Date: Tue, 29 Jan 2019 12:52:09 -0800 Subject: [PATCH] Added security-group-rule --- example-data/nfv.xml | 2 +- src/yang/etsi-nfv-common.yang | 110 +++++++++++++++++++++++++++++++ src/yang/etsi-nfv-pnf.yang | 1 + src/yang/etsi-nfv-vnf.yang | 119 +--------------------------------- 4 files changed, 113 insertions(+), 119 deletions(-) diff --git a/example-data/nfv.xml b/example-data/nfv.xml index 42ddfed..0c603f5 100644 --- a/example-data/nfv.xml +++ b/example-data/nfv.xml @@ -4,7 +4,7 @@ My Company My Company ASAv 9.8 - 9.8 + 9.8 My Company Vnfm firewall diff --git a/src/yang/etsi-nfv-common.yang b/src/yang/etsi-nfv-common.yang index ef81556..676527f 100644 --- a/src/yang/etsi-nfv-common.yang +++ b/src/yang/etsi-nfv-common.yang @@ -565,5 +565,115 @@ submodule etsi-nfv-common { reference "GS NFV IFA011: Section 7.1.6.3 Cpd information element"; } + + leaf security-group-rule-id { + type leafref { + path "/nfv/vnfd/security-group-rule/id"; + } + description + "Reference of the security group rules bound to this + CPD."; + reference + "GS NFV IFA011: Section 7.1.6.3 Cpd information element"; + } + } + + grouping security-group-rule { + list security-group-rule { + key "id"; + + leaf id { + type string; + description + "Identifier of this SecurityGroupRule information + element."; + reference + "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule + information element."; + } + + leaf description { + type string; + description + "Human readable description of the security group rule."; + reference + "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule + information element."; + } + + leaf direction { + type enumeration { + enum ingress; + enum egress; + } + default "ingress"; + description + "The direction in which the security group rule is applied. + Permitted values: INGRESS, EGRESS. Defaults to INGRESS."; + reference + "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule + information element."; + } + + leaf ether-type { + type enumeration { + enum ipv4; + enum ipv6; + } + default "ipv4"; + description + "Indicates the protocol carried over the Ethernet layer. + Permitted values: IPV4, IPV6. Defaults to IPV4."; + reference + "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule + information element."; + } + + leaf protocol { + type enumeration { + enum tcp; + enum udp; + enum icmp; + } + default "tcp"; + description + "Indicates the protocol carried over the IP layer. + Permitted values: any protocol defined in the IANA + protocol registry, e.g. TCP, UDP, ICMP, etc. Defaults + to TCP."; + reference + "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule + information element."; + } + + leaf port-range-min { + must ". <= ../port-range-max"; + type uint16; + default "0"; + description + "Indicates minimum port number in the range that is + matched by the security group rule. Defaults to 0."; + reference + "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule + information element."; + } + + leaf port-range-max { + must ". >= ../port-range-min"; + type uint16; + default "65535"; + description + "Indicates maximum port number in the range that is + matched by the security group rule. Defaults to 65535."; + reference + "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule + information element."; + } + + description + "Defines security group rules to be used by the VNF."; + reference + "GS NFV IFA011: Section 7.1.2, VNFD information element."; + } } } diff --git a/src/yang/etsi-nfv-pnf.yang b/src/yang/etsi-nfv-pnf.yang index 1bfad35..69450ee 100644 --- a/src/yang/etsi-nfv-pnf.yang +++ b/src/yang/etsi-nfv-pnf.yang @@ -111,6 +111,7 @@ submodule etsi-nfv-pnf { reference "GS NFV-IFA014: Section 6.6.2, Pnfd information element"; } + uses security-group-rule; } } } diff --git a/src/yang/etsi-nfv-vnf.yang b/src/yang/etsi-nfv-vnf.yang index 5432ac5..6e2ef3b 100755 --- a/src/yang/etsi-nfv-vnf.yang +++ b/src/yang/etsi-nfv-vnf.yang @@ -281,18 +281,7 @@ submodule etsi-nfv-vnf { "GS NFV IFA011: Section 7.1.6.4, VduCpd information element."; } - uses cpd; - leaf security-group-rule-id { - type leafref { - path "../../../security-group-rule/id"; - } - description - "Reference of the security group rules bound to this - CPD."; - reference - "GS NFV IFA011: Section 7.1.6.3 Cpd information element"; - } } leaf virtual-compute-desc { type leafref { @@ -1102,102 +1091,7 @@ submodule etsi-nfv-vnf { } } - list security-group-rule { - key "id"; - - leaf id { - type string; - description - "Identifier of this SecurityGroupRule information - element."; - reference - "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule - information element."; - } - - leaf description { - type string; - description - "Human readable description of the security group rule."; - reference - "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule - information element."; - } - - leaf direction { - type enumeration { - enum ingress; - enum egress; - } - default "ingress"; - description - "The direction in which the security group rule is applied. - Permitted values: INGRESS, EGRESS. Defaults to INGRESS."; - reference - "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule - information element."; - } - - leaf ether-type { - type enumeration { - enum ipv4; - enum ipv6; - } - default "ipv4"; - description - "Indicates the protocol carried over the Ethernet layer. - Permitted values: IPV4, IPV6. Defaults to IPV4."; - reference - "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule - information element."; - } - - leaf protocol { - type enumeration { - enum tcp; - enum udp; - enum icmp; - } - default "tcp"; - description - "Indicates the protocol carried over the IP layer. - Permitted values: any protocol defined in the IANA - protocol registry, e.g. TCP, UDP, ICMP, etc. Defaults - to TCP."; - reference - "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule - information element."; - } - - leaf port-range-min { - must ". <= ../port-range-max"; - type uint16; - default "0"; - description - "Indicates minimum port number in the range that is - matched by the security group rule. Defaults to 0."; - reference - "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule - information element."; - } - - leaf port-range-max { - must ". >= ../port-range-min"; - type uint16; - default "65535"; - description - "Indicates maximum port number in the range that is - matched by the security group rule. Defaults to 65535."; - reference - "GS NFV IFA011: Section 7.1.6.9, SecurityGroupRule - information element."; - } - - description - "Defines security group rules to be used by the VNF."; - reference - "GS NFV IFA011: Section 7.1.2, VNFD information element."; - } + uses security-group-rule; list ext-cpd { key "id"; @@ -1233,17 +1127,6 @@ submodule etsi-nfv-vnf { } uses virtual-network-interface-requirements; uses cpd; - - leaf security-group-rule-id { - type leafref { - path "../../security-group-rule/id"; - } - description - "Reference of the security group rules bound to this - CPD."; - reference - "GS NFV IFA011: Section 7.1.6.3 Cpd information element"; - } } list df { -- GitLab